- This Week in Scams: $16.6 Billion Lost, Deepfakes Rise, and Google Email Scams Emerge | McAfee Blog
- Proof-of-concept bypass shows weakness in Linux security tools, claims Israeli vendor
- SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability
- Lenovo targets AI workloads with massive storage update
- Girls Power Tech Inspires the Next Generation of Tech Leaders
NCSC Publishes Practical Security Guidance For SMBs
A leading UK security agency has today published a new guide for small and medium-sized businesses (SMBs) designed to help reduce the potential impact of cyber-attacks when using online services.
The National Cyber Security Centre (NCSC) said its Using online services safely guide is specifically aimed at organizations that may not have access to dedicated IT and support staff.
“This is specifically written for small and medium sized enterprises (SMEs), who may be overwhelmed by our existing cloud security guidance (which is aimed squarely at IT professionals and contains a lot more technical details),” wrote Amelia H of the NCSC’s Economy and Society team.
“Our new guidance will help SMEs use online services more securely, so that they’re less likely to be the victim of a cyber-attack.”
Read more on SME security: Over Half of SMEs Have Experienced a Cybersecurity Breach
Smaller organizations are increasingly dependent on cloud or online services, especially as many staff now work from home part or all of the time following the pandemic.
“Many SMEs already rely on online services for day-to-day tasks, even if they’re not aware of it. This includes email and instant message communications, cloud storage, website/shop hosting, online accounting and invoicing, or simply using social media to engage with customers,” argued Amelia H.
“How long could your business operate without these critical functions if you couldn’t log onto your computers as a result of (for example) a ransomware attack? Or if you were locked out of an online account?”
The guide contains 10 pages of simple, practical advice, ranging from choosing the right service and backing up data to domain name security, creating and securing user/admin accounts and defending them from malware. There’s also guidance on how to use the built-in security features of popular cloud services and recover a hacked account or service following an attack.
According to a government report, from April 2023, a third (32%) of UK businesses suffered a security breach or cyber-attack in the previous 12 months, rising to 59% of medium businesses.
